Coinbase: Regulation by Enforcement? CFTC & Market Implications | Moore & Van Allen PLLC

[co-author: John Lightbourne]

A Bloomberg article last week suggests potentially more bad news is on the way for Coinbase Global Inc. (“Coinbase”). Coinbase is reportedly facing an investigation by the U.S. Securities and Exchange Commission (“SEC”) into whether it let customers trade digital assets that the SEC believes should have been registered as securities. Rumors of investigations by the SEC do not necessarily suggest problems for the company at the center of those rumors, but the timing of a recent SEC complaint (SEC v. Wahi) may explain why this report had such a negative effect on Coinbase’s stock.

SEC v. Wahi, Enforcement Action or Rulemaking?

An examination of SEC v. Wahi can illuminate why potential SEC enforcement actions may be on the horizon for Coinbase and other crypto exchanges. At its core, the SEC’s complaint in Wahi alleges that a Coinbase employee shared material nonpublic information with two other defendants about the timing of Coinbase’s release of new digital assets to conduct insider trading activities and ultimately securities fraud.

Interestingly, the SEC’s complaint notes that nine of the digital assets the defendants traded were “crypto asset securities”. Previous SEC actions against different crypto exchanges (e.g. TokenLot and Poloniex) did not identify which assets were alleged to be “crypto asset securities,” merely that those crypto exchanges were being used to trade securities.

The determination of whether a digital asset is a security (generally referred to as a “crypto asset security” or “digital asset security” by the SEC), is a facts and circumstances determination based on decades of securities case law and SEC guidance. To date, the SEC’s position has been that the analysis of whether a digital asset is a security should not be treated differently from other “investment contracts” (as described in more detail below) or other securities. In 2019, the SEC issued its most comprehensive guidance to date addressing characteristics of digital assets that would make them more or less likely to be a security under existing jurisprudence (the “Framework”). Prior to issuing the Framework, the SEC’s primary guidance was what was known as the DAO Report issued in 2017.

Outside of these resources, the SEC has provided limited guidance in a handful of no-action letters issued over the past couple of years and in enforcement actions applying the views espoused in the DAO Report and the Framework. A large portion of this SEC guidance attempts to delineate between digital assets that are used to raise funds for a company or project, and an asset that has a purely consumable purpose (i.e., a utility or consumable token). Many crypto exchanges, including Coinbase, built out compliance processes to review and analyze the question as to whether digital assets are securities based on this collection of precedent from the SEC. Unfortunately, the determination of whether an asset is a “crypto asset security” is frequently not clear.

Complicating matters, the CFTC, which retains regulatory authority over derivatives markets and certain enforcement authorities over commodity spot markets, has provided only limited guidance on when a digital asset should be considered a commodity (which the CFTC frequently call “virtual currencies”) under its purview (which would mean the CFTC governs contracts providing for the delivery of digital assets and derivative contracts on digital assets). To date most CFTC guidance comes in the form of enforcement actions policing fraud in virtual currency spot markets or failures of trading platforms to register with the CFTC.  The rules of the road for digital assets are not clear where securities and commodities begin to mix.

In an ironic coincidence, on the same day Coinbase received the charges from the SEC, Coinbase also filed a petition for rule making on “the regulation of securities that are offered and traded via digitally native methods, including potential rules to identify which digital assets are securities.” According to a Coinbase blog post (more on that below), Coinbase filed their petition “so the market has a chance to develop” and rules can be crafted in a transparent manner, instead of “one-off enforcement actions.”

Crypto Asset Securities

The SEC v. Wahi complaint defines “crypto asset securities” as digital assets, virtual currencies, coins, and tokens that meet the definition of “security” under the federal securities laws. Furthermore that “[a] digital token or crypto asset is a crypto security if it meets the definition of a security, which the Securities Act defines to include “investment contract,” i.e., if it constitutes an investment of money, in a common enterprise, with a reasonable expectation of profit derived from the efforts of others.”

The SEC complaint alleges that the nine crypto asset securities were offered and sold by an issuer to raise money that would be used for the issuer’s business, that each of the crypto asset securities’ value depended on the efforts of management, and that others at the company and investors could sell their crypto asset securities on secondary markets (e.g., Coinbase). The analysis for each of the crypto assets is a clear application of the Framework. Although several of the tokens had arguably a utility or consumable purpose, the SEC noted characteristics for each that it had previously identified as indicative of being a security.

The crypto industry has largely taken the view that Utility and Consumable tokens should not be considered securities, once they can be used for their stated purpose. As a result, non-security “virtual currencies” and Consumable tokens are generally considered by the industry to be regulated by the CFTC as though they are commodities. This is very likely why the SEC’s complaint struck a chord with CFTC Commissioner Caroline Pham who issued a strongly worded statement that SEC v. Wahi is “a striking example of ‘regulation by enforcement” and would treat as securities digital assets “that could be described as utility tokens and/or certain tokens relating to decentralized autonomous organizations.” Which is a very fair claim, considering the SEC is using this case to both reinforce and potentially expand the perceived limits to the Framework by giving reduced weight to factors (such as a token being consumable) that would weigh against characterizing an asset as a security. Commissioner Pham is also right – the SEC’s allegations will have broad implications beyond the specific case.

Broader Implications of the SEC’s Case

SEC v. Wahi lends credence to the possibility that Coinbase (and other crypto exchanges) could face the same scrutiny as TokenLot, Poloniex and other exchanges – especially since SEC v. Wahi states which digital assets are being traded on its platform that the SEC alleges are “crypto asset securities.” Coinbase immediately followed the announcement of SEC v. Wahi with a blog titled “Coinbase does not list securities. End of Story.” Coinbase’s blog post notes they exercise “a rigorous process to analyze and review each digital asset before making it available on our exchange — a process that the SEC itself has reviewed.”

All crypto exchanges and other market intermediaries should be closely scrutinizing and documenting the securities analysis of the digital assets they deal in or make available on their respective platforms, including whether participants should cease support for certain assets or seek SEC-registration. Un-licensed market participants that permit dealing in the nine crypto assets highlighted by the SEC in SEC v. Wahi are now in a tough position, with at least some exchanges/platforms choosing to delist certain tokens pending the outcome of the SEC’s case.  

The knock-on effects of the SEC’s case are wide ranging. Unfortunately, the rulemaking process for agencies is slow, and regulation-through-enforcement is sometimes a much quicker means of establishing an agency’s jurisdiction. Case-and-point, the Howey test for whether an instrument is a “investment contract” was itself a court case.

Tip of the iceberg

According to an article from Forbes, staffers in U.S. Senator Cynthia Lummins’ (R-Wy) are sharing that the SEC’s alleged investigation into Coinbase is “just the tip of the iceberg.” An unnamed staffer from that Senator’s office has shared that every U.S. crypto exchange is in some stage of an SEC investigation and that unfruitful jurisdictional discussions between the SEC and CFTC may mean that the legislature would have to get involved to make that call. A source on background for the article, a senior executive at a large cryptocurrency exchange, said many exchanges have received Wells Notices which are provided by the SEC to notifying a party of the substance of charges that the regulator intends to bring and affording that party the opportunity to submit a written response before charges are filed.

The SEC’s actions and alleged actions are setting up what will undoubtedly be a regulatory power shift in the digital assets and cryptocurrency space. Their actions could also embolden other agencies that have been particularly aggressive under the Biden Administration (e.g., CFPB). Crypto Exchanges should be paying very close attention to their digital asset characterization processes, AML/BSA processes, cybersecurity processes, and need to make sure they have mature compliance management practices in place.